RCE in Genetech Solutions Wordpress Pie Register Plugin
CVE-2025-34077
An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting social…
Vulnerability class: Unrestricted File Upload
EPSS: 0.762 (98.9th percentile)
Affected products
- Genetech Solutions Wordpress Pie Register Plugin — versions 0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp… (exploit)
- www.exploit-db.com/exploits/50395 (exploit)
- pieregister.com/ (product)
- github.com/GTSolutions/Pie-Register (product)
- wordpress.org/plugins/pie-register/ (product)
- vulncheck.com/advisories/wordpress-pie-register-plugin-rce (third-party-advisory)
Frequently asked questions
- What is CVE-2025-34077?
  CVE-2025-34077 is a vulnerability in Genetech Solutions Wordpress Pie Register Plugin, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-07-09.
- Is CVE-2025-34077 known to be exploited?
  8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.